Access an entire team of security professionals for less than the cost of one. Our approach helps ensure that security and compliance measures are properly factored into your business and technology decisions while at the same time keeping your budget on track.

Newsletter: Get Ready for the OCR’s Second-Phase Audits

The Department of Health and Human Services’ Office of Civil Rights (OCR) has begun its second phase of audits to gauge covered entities’ compliance with HIPAA’s security and privacy requirements.

HIPAA-covered entities will have their compliance efforts put to the test and Business Associates will not escape. They too will be assessed using the HIPAA Privacy, Security and Breach Notification Rules.

Here are some things you need should the OCR come knocking at your door:

A documented risk assessment.

Written policies and procedures that address the privacy and security standards and any vulnerabilities that were found during the risk assessment.

A written incident response plan for responding to breaches of unsecured Protected Health Information (PHI).